Public Suffix List
#psl#cookies#websecurity#mozilla
daud99

daud99 @daud99

Location:
Madrid, Spain
Joined:
Nov 13, 2019

Public Suffix List

Publish Date: Jul 27
0 0

Public Suffix List (PSL) - Quick Reference

Key Rule: PSL entries CANNOT set cookies

example.com in PSL:

  • Who can set cookies: Only subdomains (a.example.com, b.example.com)
  • Cookie sharing: None (each subdomain isolated)
  • Think: "Each apartment rents independently, no shared lobby"

*.example.com in PSL:

  • Who can set cookies:
    • example.com (shares to ALL descendants)
    • a.example.com, b.example.com (they're public suffixes)
    • child.a.example.com, child.b.example.com (but only for themselves)
  • Cookie sharing: Everyone reads example.com's cookies, but children can't share with each other
  • Think: "Hotel owner controls lobby, guests can't set room rules, but guests' visitors can"

Memory trick:

  • No * = Subdomains are independent owners
  • With * = Parent owns everything, subdomains are just public spaces (but their children can own again)

Bottom line: PSL creates a "cookie boundary" - determines who gets to host vs who just receives.

Comments 0 total

    Add comment